Home | History | Annotate | Download | only in authentication 
      1 //
      2 //  ========================================================================
      3 //  Copyright (c) 1995-2014 Mort Bay Consulting Pty. Ltd.
      4 //  ------------------------------------------------------------------------
      5 //  All rights reserved. This program and the accompanying materials
      6 //  are made available under the terms of the Eclipse Public License v1.0
      7 //  and Apache License v2.0 which accompanies this distribution.
      8 //
      9 //      The Eclipse Public License is available at
     10 //      http://www.eclipse.org/legal/epl-v10.html
     11 //
     12 //      The Apache License v2.0 is available at
     13 //      http://www.opensource.org/licenses/apache2.0.php
     14 //
     15 //  You may elect to redistribute this code under either of these licenses.
     16 //  ========================================================================
     17 //
     18 
     19 
     20 package org.eclipse.jetty.security.authentication;
     21 
     22 import java.io.IOException;
     23 import java.io.PrintWriter;
     24 import java.util.Collection;
     25 import java.util.Collections;
     26 import java.util.Locale;
     27 
     28 import javax.servlet.ServletOutputStream;
     29 import javax.servlet.ServletRequest;
     30 import javax.servlet.ServletResponse;
     31 import javax.servlet.http.Cookie;
     32 import javax.servlet.http.HttpServletRequest;
     33 import javax.servlet.http.HttpServletResponse;
     34 
     35 import org.eclipse.jetty.security.Authenticator;
     36 import org.eclipse.jetty.security.IdentityService;
     37 import org.eclipse.jetty.security.LoginService;
     38 import org.eclipse.jetty.security.ServerAuthException;
     39 import org.eclipse.jetty.security.UserAuthentication;
     40 import org.eclipse.jetty.server.Authentication;
     41 import org.eclipse.jetty.server.UserIdentity;
     42 import org.eclipse.jetty.util.IO;
     43 import org.eclipse.jetty.util.log.Log;
     44 import org.eclipse.jetty.util.log.Logger;
     45 
     46 public class DeferredAuthentication implements Authentication.Deferred
     47 {
     48     private static final Logger LOG = Log.getLogger(DeferredAuthentication.class);
     49     protected final LoginAuthenticator _authenticator;
     50     private Object _previousAssociation;
     51 
     52     /* ------------------------------------------------------------ */
     53     public DeferredAuthentication(LoginAuthenticator authenticator)
     54     {
     55         if (authenticator == null)
     56             throw new NullPointerException("No Authenticator");
     57         this._authenticator = authenticator;
     58     }
     59 
     60     /* ------------------------------------------------------------ */
     61     /**
     62      * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(ServletRequest)
     63      */
     64     public Authentication authenticate(ServletRequest request)
     65     {
     66         try
     67         {
     68             Authentication authentication = _authenticator.validateRequest(request,__deferredResponse,true);
     69 
     70             if (authentication!=null && (authentication instanceof Authentication.User) && !(authentication instanceof Authentication.ResponseSent))
     71             {
     72                 LoginService login_service= _authenticator.getLoginService();
     73                 IdentityService identity_service=login_service.getIdentityService();
     74 
     75                 if (identity_service!=null)
     76                     _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
     77 
     78                 return authentication;
     79             }
     80         }
     81         catch (ServerAuthException e)
     82         {
     83             LOG.debug(e);
     84         }
     85 
     86         return this;
     87     }
     88 
     89     /* ------------------------------------------------------------ */
     90     /**
     91      * @see org.eclipse.jetty.server.Authentication.Deferred#authenticate(javax.servlet.ServletRequest, javax.servlet.ServletResponse)
     92      */
     93     public Authentication authenticate(ServletRequest request, ServletResponse response)
     94     {
     95         try
     96         {
     97             LoginService login_service= _authenticator.getLoginService();
     98             IdentityService identity_service=login_service.getIdentityService();
     99 
    100             Authentication authentication = _authenticator.validateRequest(request,response,true);
    101             if (authentication instanceof Authentication.User && identity_service!=null)
    102                 _previousAssociation=identity_service.associate(((Authentication.User)authentication).getUserIdentity());
    103             return authentication;
    104         }
    105         catch (ServerAuthException e)
    106         {
    107             LOG.debug(e);
    108         }
    109         return this;
    110     }
    111 
    112     /* ------------------------------------------------------------ */
    113     /**
    114      * @see org.eclipse.jetty.server.Authentication.Deferred#login(java.lang.String, java.lang.String)
    115      */
    116     public Authentication login(String username, Object password, ServletRequest request)
    117     {
    118         UserIdentity identity = _authenticator.login(username, password, request);
    119         if (identity != null)
    120         {
    121             IdentityService identity_service = _authenticator.getLoginService().getIdentityService();
    122             UserAuthentication authentication = new UserAuthentication("API",identity);
    123             if (identity_service != null)
    124                 _previousAssociation=identity_service.associate(identity);
    125             return authentication;
    126         }
    127         return null;
    128     }
    129 
    130     /* ------------------------------------------------------------ */
    131     public Object getPreviousAssociation()
    132     {
    133         return _previousAssociation;
    134     }
    135 
    136     /* ------------------------------------------------------------ */
    137     /**
    138      * @param response
    139      * @return true if this response is from a deferred call to {@link #authenticate(ServletRequest)}
    140      */
    141     public static boolean isDeferred(HttpServletResponse response)
    142     {
    143         return response==__deferredResponse;
    144     }
    145 
    146     /* ------------------------------------------------------------ */
    147     /* ------------------------------------------------------------ */
    148     /* ------------------------------------------------------------ */
    149     final static HttpServletResponse __deferredResponse = new HttpServletResponse()
    150     {
    151         public void addCookie(Cookie cookie)
    152         {
    153         }
    154 
    155         public void addDateHeader(String name, long date)
    156         {
    157         }
    158 
    159         public void addHeader(String name, String value)
    160         {
    161         }
    162 
    163         public void addIntHeader(String name, int value)
    164         {
    165         }
    166 
    167         public boolean containsHeader(String name)
    168         {
    169             return false;
    170         }
    171 
    172         public String encodeRedirectURL(String url)
    173         {
    174             return null;
    175         }
    176 
    177         public String encodeRedirectUrl(String url)
    178         {
    179             return null;
    180         }
    181 
    182         public String encodeURL(String url)
    183         {
    184             return null;
    185         }
    186 
    187         public String encodeUrl(String url)
    188         {
    189             return null;
    190         }
    191 
    192         public void sendError(int sc) throws IOException
    193         {
    194         }
    195 
    196         public void sendError(int sc, String msg) throws IOException
    197         {
    198         }
    199 
    200         public void sendRedirect(String location) throws IOException
    201         {
    202         }
    203 
    204         public void setDateHeader(String name, long date)
    205         {
    206         }
    207 
    208         public void setHeader(String name, String value)
    209         {
    210         }
    211 
    212         public void setIntHeader(String name, int value)
    213         {
    214         }
    215 
    216         public void setStatus(int sc)
    217         {
    218         }
    219 
    220         public void setStatus(int sc, String sm)
    221         {
    222         }
    223 
    224         public void flushBuffer() throws IOException
    225         {
    226         }
    227 
    228         public int getBufferSize()
    229         {
    230             return 1024;
    231         }
    232 
    233         public String getCharacterEncoding()
    234         {
    235             return null;
    236         }
    237 
    238         public String getContentType()
    239         {
    240             return null;
    241         }
    242 
    243         public Locale getLocale()
    244         {
    245             return null;
    246         }
    247 
    248         public ServletOutputStream getOutputStream() throws IOException
    249         {
    250             return __nullOut;
    251         }
    252 
    253         public PrintWriter getWriter() throws IOException
    254         {
    255             return IO.getNullPrintWriter();
    256         }
    257 
    258         public boolean isCommitted()
    259         {
    260             return true;
    261         }
    262 
    263         public void reset()
    264         {
    265         }
    266 
    267         public void resetBuffer()
    268         {
    269         }
    270 
    271         public void setBufferSize(int size)
    272         {
    273         }
    274 
    275         public void setCharacterEncoding(String charset)
    276         {
    277         }
    278 
    279         public void setContentLength(int len)
    280         {
    281         }
    282 
    283         public void setContentType(String type)
    284         {
    285         }
    286 
    287         public void setLocale(Locale loc)
    288         {
    289         }
    290 
    291 	public Collection<String> getHeaderNames()
    292 	{
    293 	    return Collections.emptyList();
    294 	}
    295 
    296 	@Override
    297 	public String getHeader(String arg0)
    298 	{
    299 	    return null;
    300 	}
    301 
    302 	@Override
    303 	public Collection<String> getHeaders(String arg0)
    304 	{
    305             return Collections.emptyList();
    306 	}
    307 
    308 	@Override
    309 	public int getStatus()
    310 	{
    311 	    return 0;
    312 	}
    313 
    314     };
    315 
    316     /* ------------------------------------------------------------ */
    317     /* ------------------------------------------------------------ */
    318     /* ------------------------------------------------------------ */
    319     private static ServletOutputStream __nullOut = new ServletOutputStream()
    320     {
    321         public void write(int b) throws IOException
    322         {
    323         }
    324 
    325         public void print(String s) throws IOException
    326         {
    327         }
    328 
    329         public void println(String s) throws IOException
    330         {
    331         }
    332     };
    333 
    334 
    335 }
    336